1. 登录页面的jsp
login.jsp
登录页面
用户名
密码
2. 登录的拦截器
public class LoginInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception { // 获取请求的uri String uri = request.getRequestURI(); // 除了login.jsp是可以公开访问的,其它的URL都没拦截 if (uri.indexOf("/login") >= 0) { return true; } else { // 获取session HttpSession session = request.getSession(); UserPojo user = (UserPojo) session.getAttribute("USER_SESSION"); // 判断session中是否有用户数据,如果有数据,则返回true。否则重定向到登录页面 if (user != null) { return true; } else { response.sendRedirect("/login/login"); return false; } } } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { }}
3. 登录的 Controller
@RestController@RequestMapping("/login")public class LoginController { //获取日志记录器Logger private static Logger log = Logger.getLogger(LoginController.class); /** * 返回登录页面 * * @return */ @RequestMapping("/login") public ModelAndView login() { ModelAndView mv = new ModelAndView("login/login"); log.info("返回登录页面"); return mv; } /** * 登录方法 * * @return */ @RequestMapping(value = "/login", method = RequestMethod.POST) public ModelAndView doLogin(UserPojo user, HttpSession session) { ModelAndView mv; // 获取前台传过来的用户名和密码 String username = user.getUsername(); String password = user.getPassword(); // 根据用户名查询用户 UserPojo userPojo = userService.getUserByUsername(username); // 从数据库中获取用户信息对用户名和密码进行判断 if (password != null && password.equals(userPojo.getPassword())) { // 将用户对象添加到session中 session.setAttribute("USER_SESSION", userPojo); // 重定向首页 mv = new ModelAndView("redirect:/index/index"); } else { mv = new ModelAndView("/login/login"); mv.addObject("message", "用户名或密码错误,请重新登录!"); } return mv; } /** * 退出方法 * * @return */ @RequestMapping(value = "/logout", method = RequestMethod.POST) public ModelAndView logout(HttpSession session) { // 退出前清除session 信息 session.invalidate(); ModelAndView mv = new ModelAndView("redirect:/login/login"); return mv; }}